From 3789c7b592280bde502a377c5d7c31108d90db82 Mon Sep 17 00:00:00 2001
From: Steve Coast <steve@asklater.com>
Date: Sat, 7 Apr 2007 10:28:38 +0000
Subject: [PATCH 1/1] throw user to login if trying to edit without logging in

---
 app/controllers/application.rb     | 4 ++++
 app/controllers/site_controller.rb | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/app/controllers/application.rb b/app/controllers/application.rb
index a4f65cd54..6520e027b 100644
--- a/app/controllers/application.rb
+++ b/app/controllers/application.rb
@@ -6,6 +6,10 @@ class ApplicationController < ActionController::Base
     @user = User.find_by_token(session[:token])
   end
 
+  def require_user
+    redirect_to :controller => 'user', :action => 'login' unless @user
+  end
+
   def authorize(realm='Web Password', errormessage="Could't authenticate you") 
     username, passwd = get_auth_data # parse from headers
     # authenticate per-scheme
diff --git a/app/controllers/site_controller.rb b/app/controllers/site_controller.rb
index 380c41436..f4ccd3c74 100644
--- a/app/controllers/site_controller.rb
+++ b/app/controllers/site_controller.rb
@@ -1,6 +1,6 @@
 class SiteController < ApplicationController
   before_filter :authorize_web
-
+  before_filter :require_user, :only => [:edit]
   def index
 
   end
-- 
2.43.2